Byres Security Teams with Juniper to Secure SCADA

  • Posted on 15 September 2009

Click here to find out

The Tofino Industrial Security group at Byres Security Inc (BSI) has teamed with Juniper Networks to demonstrate how the emerging IF-MAP standard from the Trusted Computing Group (TCG) can secure vulnerable Scada systems.

At the TCG booth at the Forrester Security Forum (Sept 10-11, Hyatt Regency La Jolla, San Diego, California), attendees experienced live the world’s first demonstration of legacy supervisory control and data acquisition (Scada) equipment being secured using Tofino SCADAnet Endboxes with real-time policy driven from a Juniper Networks IC Series Unified Access Control Appliance serving as a Metadata Access Point (MAP) server.

Scada systems, the brains of the world’s critical infrastructures, such as electric generation and transmission, oil and gas production and waste and water utilities, have become a major security concern for government policy makers. The widespread interconnectivity of these industrial control systems with enterprise IT networks, combined with legacy systems that can't be patched due to operational considerations and protocols never designed for security, have become a potential soft target for attackers. Complicating the situation, most of these Scada devices have little or no security capability on their own and will take decades to be replaced.

The new IF-MAP-based Scada security system allows corporate-wide security policy to be easily deployed for Scada devices that simply don’t know what security is, says BSI. It lets the information driving these policy decisions be dynamically determined from a large number of real-time sources, like Active Directory servers, Scada equipment positions or network security events.

Scada security expert and chief technology officer of Byres Security, Eric Byres notes: “Controls engineers and IT security professionals have long had a love-hate relationship over how to secure Scada and still leave the system reliable enough to provide critical services such as power or water 24x7x365. TCG’s IF-MAP technology provides a solution that both parties can love – a robust security solution that can be used seamlessly with legacy Scada equipment.”